We reminded you last month that companies sponsoring large health care plans must comply by April 14 with the new Health Insurance Portability and Accountability Act (HIPAA). Smaller plans must comply by April 14, 2004.
But don't be sloppy with medical information, even if HIPAA doesn't apply to your company until 2004, or ever. Reason: Other existing federal laws put the responsibility for securing employees' medical data squarely on your shoulders.
The Americans with Disabilities Act (ADA) privacy protections apply to medical documentation you receive to support employees' leave requests. That's why you should limit access to medical documentation to only those who need to know: your occupational health office (if your company has one), and supervisors and HR staff when needed to approve leave or consider reasonable accommodations.
Recent case: When an HIV-positive postal worker requested leave under theAct ( ), he followed company policy by submitting a doctor's note describing his illness. When he returned to work, his HIV status had become common knowledge among co-workers.
He sued for invasion of privacy under the Privacy Act (which applies only to the federal government) and Rehabilitation Act (which is legally identical to the ADA and applies to private-sector employers with at least 15 workers).
A lower court sided with the Postal Service, saying his submitting of the medical info was voluntary because he didn't have to take. But a federal appeals court rejected that argument and let the case go to trial. It said the doctor's note amounted to a medical "inquiry" by the employer, so the information fell under the Rehabilitation Act's confidentiality provision. (Doe v. United States Postal Service, No. 01-5395, D.C. Cir., 2003)
Like what you've read? ...Republish it and share great business tips!
Attention: Readers, Publishers, Editors, Bloggers, Media, Webmasters and more...
We believe great content should be read and passed around. After all, knowledge IS power. And good business can become great with the right information at their fingertips. If you'd like to share any of the insightful articles on BusinessManagementDaily.com, you may republish or syndicate it without charge.
The only thing we ask is that you keep the article exactly as it was written and formatted. You also need to include an attribution statement and link to the article.
" This information is proudly provided by Business Management Daily.com: http://www.businessmanagementdaily.com/558/keep-medical-data-private-even-if-new-hipaa-rules-dont-apply "